Child Sexual Abuse (CSA) Online Filtering System
Ensuring a safe digital environment for Mauritian children
Ensuring a safe digital environment for Mauritian children is one major commitment of the regulatory Authority of Mauritius. In order to fight and prevent child sexual abuse (CSA) online, the Information and Communication Technologies Authority (ICTA) has adopted a CSA solution. Mauritius was the first African country to implement such a centralised filtering solution to protect children from sexual abuse online.
The ICTA’s CSA solution filters access to CSA sites for Internet users in the Republic of Mauritius. This filtering mechanism is based on international partnership and uses the method of blacklisting to prevent Internet users in Mauritius to access to CSA material. The objective is three-fold:
- Offer greater protection against accidental viewing
- Reduce the availability and circulation of CSA material in Mauritius
- Limit the trauma experienced by the victims and their families.
The mandate of the ICTA
Pursuant to the ICT Act 2001, as amended, the Authority is empowered to “take steps to regulate or curtail harmful and illegal content on Internet and other information and communication services” (Section 18(1)m).
The ICTA’s project on CSA material filtering is also pursuant to the recommendations of the Budapest Convention on Cybercrime 2001 and of the UN Committee on the Rights of the Child. Article 9 of the Budapest Convention on Cybercrime 2001 specifies that each country shall establish measures to criminalize the offences related to child pornography, in particular making available, distributing or transmitting child pornography through a computer system. In its 2014 report on Digital media and children’s rights, the UN Committee on the Rights of the Child has called on regulatory agencies to demonstrate responsibility in developing standards relevant to children’s rights and ICTs.
The CSA filtering mechanism
The CSA filtering is the flagship of the ICT Authority’s commitment in the prevention of CSA. It was launched in February 2011 and further reinforced thanks to a cooperation with the UK-based NGO Internet Watch Foundation (IWF) as from 2013.
The CSAM filtering mechanism set up by the ICTA makes use of the IWF database, which is updated daily and blacklists CSA websites or pages. Once IWF adds any website or web page to its blacklist, the ICTA’s filtering system is automatically updated and the newly added websites or web pages can no longer be accessed to from Mauritius.
In order to implement its centralised online content filtering solution, the ICT Authority chose the Netclean Whitebox technology which had been developed specifically for the task of detecting and blocking CSA material. The CSA filtering set up was initially hosted at the ICT Authority and was connected to all the local ISPs providing Internet access to the public in the Republic of Mauritius until 2014.
After 2014, the CSA filtering set up has been shifted on a cloud-based mode whereby no hardware was required any longer at the ICTA premises. Since November 2020 as at date, Netsweeper is the new service provider for CSA filtering which uses the same technology as before which is also cloud based.
Efficiency and Advantages
With the CSA filtering solution, the ICTA is ensuring that ISPs are supplying their customers with an Internet connection which is clean from access to CSA websites, in the same way that a water company makes sure that the water provided in its pipes is uncontaminated. It has several advantages:
- Little effect on the passage of network traffic and on performance
- Lower cost than one-step filters
- Free from the problems inherent to proxy servers
- Ideal for country gateway implementations
Since its implementation in 2011, the ICTA’s CSA filtering solution has allowed the filtering of 1,835,064 attempts (hits) to access CSA websites by Mauritian users and the blocking of 110,026 Mauritian IPs addresses.
Child Sexual Abuse (CSA) Online Content Filtering System
Under section 18 (1) m of the ICT Act 2001 of Mauritius, one of the functions of the ICT Authority is to “take steps to regulate or curtail harmful and illegal content on Internet and other information and communication services”.
To fulfill this mandate, the ICT Authority has launched on the 8th of February 2011, a centralised online content filtering solution to filter access to child sexual abuse (CSA) sites for Internet users in Mauritius. The deployment of this filtering system will reduce the availability and circulation of child abuse images in Mauritius – and limit the trauma experienced by victims’ when their images circulate on the Internet. At the same time, it will protect against accidental viewing, giving people in Mauritius, the confidence in the Internet they deserve.
In order to implement this centralised online content filtering solution, the ICT Authority has chosen the Netclean Whitebox technology which has been developed specifically for this task in 2006. This CSA filtering set up was hosted at the ICT Authority and was connected to all local ISPs providing Internet access to the public in Mauritius until June 2014 after which the CSA filtering set up has been shifted on a cloud-based mode whereby no hardware is required at the ICTA premises. From November 2020 to November 2023, Netsweeper Inc. is the new service provider for CSA filtering which uses the same technology as before which is also cloud based.
The system is based on a hybrid Border Gateway Protocol (BGP) and Uniform Resource Locator (URL) filtering system. The first step is where a server containing the list of blocked sites (blacklist) checks the IP addresses of these sites and advertises the routes for these sites to go to a filtering server hosted at the ICT Authority rather than the destination web site. The second step is where the filtering server checks the URL against the blacklist using packet inspection and if blocked then the request is not passed on to the destination web site but redirected to a blocking server and displays a block page. If the site is not on the list, the filter passes the request as normal and the site is accessed by the ISP customer (“clean traffic”). The URL filtering list for this component will be the list provided by the Internet Watch Foundation (IWF), a non-profit organization that is widely recognised as one of the best in the world at managing a URL list of CSA sites coupled with the Interpol blacklist.
This system has the following advantages:
It has very little effect on the passage of most network traffic so has little effect on performance.
It has a lower cost than one-step filters that need to filter all of the ISP’s traffic.
As it does not have a proxy server it does not suffer from the potential problem of requests being changed to the proxy IP address from the customer’s original one.
As it uses external BGP it can be hosted external to the ISP and is ideal for country gateway implementations
The centralised system can be used as a cyber security infrastructure shared among ISPs and managed by the regulator
With the implementation of this CSA filtering solution, the regulator is ensuring that ISPs are supplying their customers with an Internet connection which is clean from access to CSA websites in the same way that a water company makes sure that the water provided in its pipes is uncontaminated.
(Please note that you will be redirected to stats section)